System Security Functions: Methodology

• Identify the information assets that need protecting
• Describe the architecture of the information system to be deployed
• Identify and rank the threats to those information assets based on the architecture
• Identify the most serious threats and develop solutions to mitigate the threats as much as possible
• Make specific recommendations of solutions for deployment